Tag: Mobility

Windows Autopilot is a Windows 10 feature that enables organizations to pre-register devices either through an OEM or manually. When users receive a Windows 10 device that is registered with Autopilot and turn it on, they’ll walk through a streamlined and customized out of box experience (OOBE). In summary, Autopilot helps to reduce the costs…

I recently read a really great post by Martin Bengtsson about utilizing Configuration Manager (SCCM) to force installation of the Windows Defender Browser Protection extension for Chrome. So I decided to take a different approach and deploy the extension utilizing a PowerShell script deployed through Microsoft Intune. To learn more about the Windows Defender Browser…

When I speak with organizations about managing Windows 10 devices with Microsoft Intune there is a concern about disruption of current projects to deploy new OSs, patches, etc. When moving to Intune for managing Windows devices, Intune will leverage the built-in MDM agent vs. having to install another agent to manage Windows 10 devices….

Organizations using Windows Information Protection (WIP) may experience issues accessing the Intune Company Portal app. Fortunately, exempting Intune Company Portal app and any other application from a WIP policy is straight forward. To learn more about creating Windows Information Protection policies please visit: https://docs.microsoft.com/en-us/windows/security/information-protection/windows-information-protection/create-wip-policy-using-mam-intune-azure Let’s get started By exempting an…

With the release of Windows 10 Creators Update there have been many enhancements to Windows 10. For this post, I’ll focus on an expanded feature that is only available in version 1703 (i.e. Creators Update). In Windows 10 version 1607 we released Windows Information Protection where devices that are enrolled with Microsoft Intune (or…

If you’re an Office 365 customer or even an Azure customer then you’re probably familiar with Azure Active Directory (or Azure AD). Azure AD is the core identity provider that the majority of Microsoft services rely on for authentication. For today’s post I thought it would be interesting to pull sign-in activity into Power…

Hi everyone, with all the cross integration between Azure Active Directory and Office 365 it time to explain these conditional access in detail. While Office 365 offers a level of controls by service, Azure Active Directory and Microsoft Intune can come over the top of those services an provide further controls or leverage conditional access…

Everyday I’m asked questions about Enterprise Mobility + Security as well as other Microsoft services. I’m also asked how we can provide single-sign on to SaaS and on-premises applications using Azure AD Premium. What surprises me though is how few organizations ask me about providing additional protection layers to protect accounts as well as the…

With all the news about cyber-attacks and data leakage and stolen credentials, it’s important that a multilayered security approach is in place no matter how small or large the organization. Even as individuals, implementing a multilayered security approach for our personal accounts is beneficial (e.g. two-factor authentication). I’ve posted in the past about Microsoft Advanced…

Have you ever wondered what is going on within the SaaS services your organization is using? Are you curious about what unsanctioned SaaS apps employees may be storing company data in? Do you want to know where and when sensitive data is stored in the cloud? Do you want to know who’s accessing sensitive…